Linked by Thom Holwerda on Mon 28th Aug 2006 18:12 UTC, submitted by anonymous
A landmark study on Department of Justice network crime prosecutions reveals most attacks used stolen IDs and passwords, resulting in far greater damages to affected organizations than previously thought: up to USD 10 million per occurrence and on average more than USD 1.5 million per occurrence. The report, "Network Attacks: Analysis of Department of Justice Prosecutions 1999-2006", concludes that 84% of attacks could have been prevented if, in addition to checking the user ID and password, the organization had verified the identity of the computer connecting to their networks and accounts.
Thread beginning with comment 156848
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:
2005-12-31
> If someone can send a false ID and password, what's
> to prevent them from sending a false ID for their
> computer?
Public key encryption, digital signatures, and the fact that nobody but the owner of a private key ever gets access to it.
Edited 2006-08-29 19:40